SAML Authentication

Article Number:02034
Intended audience: cybozu.cn Administrators

This page describes how to integrate an existing Identity Provider (IdP) with cybozu.cn using SAML authentication.
When SAML authentication is enabled, users can single sign-on (SSO) into cybozu.cn by using user accounts registered with IdPs such as Microsoft Entra ID and Okta.

IdPs That Can Be Integrated with cybozu.cn

The permanent link has been copied.

cybozu.cn can be integrated with IdPs that support SAML 2.0.

When SAML authentication is enabled, cybozu.cn acts as a Service Provider (SP) and uses SP-initiated SSO. The following bindings are used for the SAML request and SAML response:

  • SAML request: HTTP Redirect Binding
  • SAML response: HTTP POST Binding

Services That Support SAML Authentication

The permanent link has been copied.
SAML authentication can be used in all services and license plans in cybozu.cn.
However, kintone guests cannot use SAML authentication.

Steps to Enable SAML Authentication

The permanent link has been copied.

Configure both the IdP and cybozu.cn by following the steps below.
IdP settings should be configured in advance.

  1. Registering cybozu.cn with the IdP

  2. Configuring SAML Authentication for cybozu.cn

  3. Enabling to Use Only SAML Authentication When Logging In